Free Downloads


Download and use these files at your own risk. ITauditSecurity blog is not responsible for any damages or results and does not certify these files for any purpose. By downloading these files, you agree to indemnify, hold harmless, and defend ITauditSecurity blog and/or its employees, affiliates, subsidiaries, and agents from any claims and expenses including attorney fees and damages, actions, or negligence arising in connection with the use of this site, these files, or the download site.

Sorry to send you to another link below to download files, but I can’t host the files here on my blog…

UPDATE 2-22-14 Skydrive was renamed OneDrive.

UPDATE 10-1-15 I updated this post with new screenshots and instructions.

To download a file:

  1. Further down on this page, find and click the link that corresponds to the file you want to download (see the ‘Download Links’  topic below). The link will take you to the appropriate folder on the ITauditSecurity blog OneDrive download site.

Depending on your default view setting, you will see something like this for the CISA guide (2 different examples are provided).

CISA OneDrive Download21

CISA OneDrive Download1

2. Click Download (see red box in screenshots above) and save the file(s). Since some of the files are quite large, I suggest you download each file separately.

For some reason, some people are not able to download the study guide. Most people have no issues. I have again tried it myself and successfully downloaded the guide myself using the latest versions of Internet Explorer, Firefox, and Chrome. Based on the download stats, I see many people download it successfully all the time.

I can even access this from my phone, but I strongly suggest that you download it with a device other than a phone.

Unfortunately, I am no longer emailing the guide out to those who can’t download it. I apologize, but I don’t have the time, and it appears it is usually ‘user error’. For those who have trouble, I suggest that you ask someone else to help you with the download

If you leave a comment asking me to email it to you, your comment will be deleted. Sorry.


Download Links

Two sets of links are shown below: Click the first link to access the ITauditSecurity blog OneDrive site and download the file(s); click the second link to read the article that describes the file(s).

Download ACL in Practice PDF and sample data files – described in Teach Yourself ACL.

Download CISA Study Guide – described in FREE CISA Study Guide.

As of 9/3/16, the CISA Study Guide has been downloaded over 33.000  times! And I’m no longer counting….

Download Customer.txt – described in ACL: How to Add a Computed Field

Please leave a comment and let me know what you think!


113 responses to “Free Downloads

  1. soundararajan

    Really thankful to you for the wonderful free book for guidance for CISA. As said one source is to be supplemented with second/third source.
    Your guide shows the path of preparation and ease of study.
    Rare gesture
    Thanks again & with regards


    • Hi S. Soundararajan,
      Thanks for your comments; I appreciate the feedback. Good luck on the exam and stop back and let me know what you thought of it.


      • Paras Mani Dhakal, ACCA

        i cannot download free cisa guide hence i am requesting you to send mail in my email id . Thanking you for taking your precious time to forward the same in my email id.


        • Paras,
          Sorry for the problem. Please provide more info as to what problem you’re having. First, what browser are you using (name and version #). Also, when you click the link, what do you see?

          I need this info to determine what the problem is and whether I need to warn people with a certain browser that it won’t work. Please reply with that information and I’ll be happy to email you a copy. Thanks.


  2. Rich Biritwum

    Like Soundararajan, I appreciate your generosity in posting your personal study guide for others to learn from. Your methodology is very sound and should be immensely helpful to me. Currently studying for my CISSP CBT exam, and that’s what got me to this site in the first place. I’m hoping to tackle the CISA by year’s end and will continue to check out your site. Thanks again.


  3. Rich,
    Glad you appreciate it. Since I already created the study guide, all I had to do was a little editing. Since I appreciate all the help I’ve gotten from papers and blogs over the years, I am more than happy to give back. When you pass, come back and let us know.

    Thanks for your comments!


  4. aj_shehan

    Thank You Very Much!! Greatly appreciate this.!! Thank You very much again!


  5. Ihsan

    I need to know whether Mocks Questions/Dumps are also available for CISA exam?


    • Ihsan,
      No questions or dumps here. I don’t know of any out there, either. That’s why I put my CISA study guide out. Any commercial study guide will have anywhere from 100 to 500 questions in it.

      When I put my guide out, I believe it was the first one on the Internet that is free. If anyone finds another one, please post a link below.


      • Khaled Nazer

        You are right, there is no another one on the Internet that is free.
        Your work is really admired and appreciated.

        Hope, that I can receive a copy of this CISA study guide.


  6. Santosh Kaimal

    Thanks for the guide. i plan to take the CISA exam this Dec.
    Does it help to be a ISACA member ?


    • Santosh,
      Joining ISACA doesn’t really affect your taking of the exam itself, but the exam is cheaper if you’re a member. If you pass the exam, you have to join ISACA to hold the certification. ISACA charges you fees every year: 1 for membership to the overall organization, 1 for local membership, and 1 for the CISA cert. Every year. Annually, about $140.

      In contrast, I have the CISSP, and ISC2 charges me 1 fee for everything, and it’s cheaper. Annually: $85.

      I don’t have the CIA, so I can’t speak to that.

      Personally, I like the Institute of Internal Auditors (IIA) better, but if you’re in IT audit, the CISA is an easier exam and more pertinent to IT auditing. Also, the IIA journal is better than ISACA’s. I read the IIA journal cover to cover, but ISACA’s journal, I read 2 or 3 articles.

      Having said that, ISACA’s website has a lot of good material that requires a membership, although some of the material is available to all (I’ll post more on that in the future).

      I belong to ISACA, IIA, and ISC2.


      • Santosh Kaimal

        Will really appreciate if you can point to resources (for members or otherwise) on the ISACA website that could help prepare for CISA.


        • Santosh,
          The best way to identify the resources available are to search “CISA” on You can do that without being a member. If a link in your search results leads to a resource that requires ISACA membership, you will be prompted to log in. You’ll find other sources it you Google too, but be careful.

          If you are a member, go to the Knowledge Center tab, then click on “eLibrary”. This resources provides entire books on a variety of subjects that you can read online or download, chapter by chapter (limited to 15 chapters every 2-4 months or so). Some day I’ll write a post about this.

          One of the books in the eLibrary is the CISA Review Manual, but only chapter 1. You can read that chapter free, but that’s it.

          I hope that helps. Unfortunately, few free resources are out there for CISA. That’s why I released my guide and why it gets at least 30+ downloads a day.

          Wish you the best.



    Thanks so much for preparing and sharing the guide! It would indeed be helpful for us!


  8. Charles oparah

    I certainly appreciate your selfless altruism. please let me know how I can access your material for the CISA exam. I have a friend who is taking the exam soon. However, I need your advice on how to prepare and take the Institute of Internal auditor examination. Please advise.

    Thanks for this great web site.


  9. Ebbie

    This is awesome. Thanks for sharing. It will surely come in handy for my CISA classes; but I will surely give credit.


  10. Van

    I just want to say thank you. Appreciate you sharing all the info.


  11. Mayank

    Thanks for this Lucid Material its really helpful and help me in final touch for the exam :)


  12. Mayank, I wish you the best. Remember to focus on the audit factors, not the IT factors.


  13. roopaamit

    Hello Moderator,

    I need some help. I am basically confused as to what would be good for me CISA or CISSP. I want to do both. My current job needs more of CISSP, Howvever I feel CISA would be more easy than CISSP and If I do CISA atleast I will have one certificate to get better job then slowly I can do CISSP. I have 5 years of exp with 3 as IT security. I want to manage information security and also do audits. Do you think I am going right? I am totally confused. Please could you guide me?



    • roopaamit,
      You are correct that CISA would be easier and probably faster to get. However, the CISA is not, contrary to what many think, a real “IT” certification. It’s more about audit than IT. See my posts regarding the CISA (just search that term in the search box at the upper right).

      Having said that, if you’re not currently doing audit, you might struggle with the CISA. A lot of people take the CISA thinking they’ll pass easy because they know IT. Those people fail the exam.

      What you do first depends on your situation and your goals, which I don’t fully understand. So based on my experience and the little you told me, here’s my opinion…

      I’d get the CISSP first. The studying would help you in your current job right away, and that cert will probably mean more to your manager than the CISA. And to your next manager. The CISSP is also more respected than the CISA and applies to more types of work than the CISA.

      Finally, the types of audits that security professionals do are a bit different than those done by auditors. Having both won’t hurt, but I’d suggest you go after the harder one first, especially since it sounds like you do more security than audit.

      I got my CISSP first and that certification got me 2 audit jobs, the first when I didn’t have much audit experience and the 2nd job after I had some audit experience. Both hiring managers told me that I was hired over other auditors solely because of my CISSP.

      It wasn’t until later in a 3rd audit job that I finally got my CISA. That cert rounded out my understanding of audit, no doubt, but financially and prestige-wise, it hasn’t done anything for me. I still think it was worth it, and my manager sleeps better at night. :)

      The only reason I got the CISA is because all the IT auditors I hired at one company had it, and all the IT auditors I worked with in another company had it. Having both is a big plus in security or audit because it says you understand the fundamentals of both professions.

      I wish you the best. Go for it!


      • roopaamit

        You actually spoke what was on my mind. Thank you for this piece of advice. I know now for sure which direction to head. Actually I had decided CISSP but then as told before I felt CISA would be a quicker one. As you said I do more of security than Audit so CISSP is better. Once I get this I can then move towards CISA. Thanks again for your time and best wishes. :)

        Roopa Amit


  14. Sharda

    I am seeing the ‘teach your self ACL’ when I click on the ‘CISA study guide’


  15. Tiger

    I’m facing the same problem as Sharda.
    Clicking to Ciss study guide link, guides to ACL files download page.


    • Tiger, what browser are you using?

      Either way, when you see the ACL stuff, look at the top of the page for this text:
      itauditsecurity blog’s SkyDrive > ITauditSecurity blog > ACL

      Click on the words ITauditSecurity blog and then you’ll see
      CISA Study Guide. Click that and you’ll see Free CISA Study Guide. Click that and the guide will download. Let me know that you got it!

      Sorry for the trouble!

      I think I got the link fixed this time….


  16. Sheetu

    Thanks a ton for the study guide!!


  17. Prakash Salian

    Not able download the

    Please help me to download.



  18. joe

    i am findin a tough time gettin the educational version of the acl software, anyone who can help should reach me on or post a direct download link here please


  19. Azhar Mohammad

    Wow thank you so much for the free study guide. I just started reviewing and so far it has been really helpful! thank you once again!


  20. selom

    Thanks for the study guide, but i have a few questions. According to the study guide am i supposed to study and pay attention only the areas shaded in blue and yellow for the exams. thanks again for the good work


    • selom,
      The yellow and blue areas are, in my opinion, the most important areas that you need to study in the guide. I would still study the rest of the material, but the guide contains way more IT information than you really need. I’d study the IT stuff, but the more detailed the IT stuff is, the less I’d study it.

      For example, understand the basics of packet switching, but don’t worry about knowing X.25 and frame-relay (see page 11 of the guide).

      What you need to study most is the material that you get the most wrong answers on when you’re going through the study questions (not part of the study guide). Make sure you practice with plenty of questions, preferably from ISACA. Wish you the best!


  21. Calvis

    i tried to download. i followed the link till i get to this (!122&authkey=!AN6d2gI2WdclzXI ) then i downloaded with IDM but it failed giving me the following error. an error occured while creating security connections.
    can i have it through my email please.


  22. Pedro Rapa

    Thank you so much for offering this content!! It saved my training :)


    • Pedro,
      Glad you like the free study guide. However, studying this alone will NOT give you the knowledge to pass the test. As I explained in the post describing this guide, I wrote this for my own study and left out the subjects and processes that I felt strong in.

      Much of what I left out was the information regarding how to audit. The guide has some of that, but not much. This cert is more about auditing that IT. Make sure you understand auditing or you will fail the exam. I hope this helps!


  23. Janani


    I am not able to download. Kindly share the material with me through my email id! Thanks



  24. Janani

    I am using google chrome for your information.


    • Janai,
      Thanks for the info. I have never checked my site with Chrome, simply because I don’t trust Google. I have never used Chrome.

      I’ll email you the guide, and I’ll try Chrome and see what happens. Thanks again.


  25. hastings wakhua

    Hello, may you please send me the guide to Iam sitting for 14dec exams and needs final touches
    Thanks much.


    • You can download the guide at the link above. Currently, I only email the guide when someone cannot download it, but before I do, I require the following information: what happened when you tried to download the guide (what went wrong) and the broswer used (including version #). To date, no one has provided information such that I can duplicate the issue.
      I suggest using either IE or Firefox to do the download; I don’t support downloads on any other browser. Sorry.


  26. Syed Hussain

    Hi, I can not download due to firewall restrictions for SkyDrive at my work place. Can you please email me the guide. Thank you.


  27. wa wamonicah

    Hey, thank you in advance but I am not able to download. This is what I am getting when I try to download
    (!122&authkey=!AN6d2gI2WdclzXI )
    Kindly send the material through my email.

    Thank you very much


    • wa,
      Sorry for your trouble. Please tell what browser and version you are using. When I clicked the above link, I saw the CISA Study Guide icon, clicked it, clicked the DOWNLOAD button, then was able to download. Please provide more details on what’s happening.


  28. wa

    Hey, I am now able to open the study guide.

    Again thank you very much for your help.

    Happy new year



  29. MK

    Dear All,
    I am unable to download pls mail me


  30. Please see my UPDATE note in the post above. I no longer email the guide to users. Sorry.


  31. fcuk


    Thanks for the guide. I will go through it before applying for the cisa exam. I plan to switch from financial auditing to IT auditing while I am from accounting background thus I need to beef up myself in IT certificate.

    One question. It is hard to cope up with IT audit when switch from financial audit ?well I am more interested in technology thus plan to make this move.



    • Hi,
      I have never been a financial auditor. However, in my opinion, auditing is auditing; it’s just a matter of understanding what you’re auditing. I struggle with financial concepts, so I doubt I could never do heavy financial auditing.

      I assume the same is true with IT auditing. If you don’t get IT and you can’t grasp the concepts (which change a lot more frequently than they do in the financial world), then you may struggle with the IT side.

      However, if you are interested in tech and are the type of person people turn to with tech problems, you will probably do just fine. If you’re interested, go for it.

      That’s why I urge folks like you to take the CISA. It will give you an overview of the concepts without a lot of $ invested.

      If you’re a decent auditor, you should do ok with the basics of IT, which I think most can grasp. The real question is whether you can come up to speed on technology you don’t know quick enough to ask some intelligent questions of those who live in the technology every day; it’s hard to audit technical experts when you’re new to the technology itself. Will you be up to that challenge over and over?

      I still face that challenge all the time, but I love it. And I enjoy putting what I learn about one technology together with what I learn about another and make use of that in the current audit. That’s what I think sets good IT auditors apart…They don’t just audit the basics, but ask if A and B, then why not C?

      If you love technology and love to learn it, then go for it.

      And as always, by understanding the financial side, you can also add D to your audit and watch for how the tech affects the financial side, and cast a bigger net for fraud and other problems.

      The auditors I know who understand tech but aren’t as technical as me, but understand finance–are better auditors than I am on everything except the really technical stuff. So even if you’re not the greatest techie, you’ll most likely do ok, as long as your audit skills are good to start with.

      Let me know what you decide and how things turn out. Wish you the best.


  32. Hi Moderator,

    Firstly, I really appreciate your good mind of sharing knowledge. Keep up the good work.
    I am currently working as an IT Executive (which is the designation given to me by the Company). Basically I do the work of a System Admin and IT Helpdesk/Technical support.I had taken ITIL V3 Foundation cert but since my department has not yet implemented ITIL standards, I do not have much experience on the certificate that I earned. Now I wish to learn about IT auditing. Which exam would be best for me and will it be really hard for me to gain this certification as I have no experience in auditing field?
    Your suggestion is highly valuable.


  33. Etna,
    The CISA is THE cert for IT auditors. I have written about it extensively here. Look at the top right of this page for the Quick Links topic called CISA. All my CISA articles are linked to that.

    If you have some technical knowledge and can learn to assess and test for certain IT risks, you’ll do fine. Passing the exam is not that hard (which really bothers me). CISA is heavier on how to audit than how to understand IT. I recommend Shon Harris’ CISA book if you can only afford one. You’ll learn a lot and laugh a lot too.
    Wish you the best.


    • Dear Mack,

      Thanks a lot for the tip.. I shall do my best to earn CISA. I’m really interested in IT auditing so wanted to know if this will make any sense for a System Administrator. This site is really helpful. Thanks a ton..
      Etna :)


      • Etna,
        i was a system admin before I became an IT auditor. It makes tons of sense because you can understand the technology and the kinds of challenges and stresses an admin faces. You can also understand how much effort it will take (and the help desk calls it will cause) to fix some audit issues.

        Glad you find the site helpful. Appreciate your comments and questions.


        • Wamonicah

          Mack, Hope all is well. What advice can you offer to a guy who does not have any IT background but is a criminologist in training. Do you think CISA is for me.

          Thank you very much for the good site 




        • W,
          If you can think like a criminal and can learn IT, you should do fine. If you’re the kind of person who needs help with laptop problems all the time (instead of figuring most of them out yourself), I’d discourage you. My advice: get Shon Harris’ CISA book and read it. Your response to that book will tell whether IT auditing is for you. Cheers!


  34. Kingsley

    Thanks very much Mack.
    I have been reading your posts and that of your followers, May God continue to give you the strength and wisdom to excel.
    I recently just heard about CISA, while job hurting for a big job. I’m presently working as an Internal Auditor and intend getting the CISA certification. I really appreciates the study text you made available, and running such an educated and resourceful site.


    • Kingsley,
      Thanks for your kind comments. I do depend on my Father God to supply all my needs, including everyday strength and wisdom.

      Best wishes on your cert; let me know when you pass!


  35. george

    my name is george. i have no experience in IT and currently working as a law enforcement officer with a background of intelligence and forensic management. Kindly advice on the most suitable program for me as i intend to resign later and use my experience at security to secure a more lucrative job..


    • Hi George,
      I’m not sure I’d steer you to IT audit. You might do well as an investigator of bank or insurance fraud, as financial companies like to hire people with law enforcement background. Sorry, but I don’t have any advice for you.


  36. Murphy

    Hi Mack,

    Thanks for your effort to share all your experience here.
    I have a question about the time frame to put on this exam.
    I am a full time IT specialist and can only study at week night and weekend.
    How much time totally I need approximately to put on it?
    Do you think there is enough time for me to study for Dec 2014 exam?

    Thanks for your advice.


    • Murphy,
      I hate to say it, but it depends. Assuming you have most of the IT knowledge needed or a minimum an excellent foundation, you might have enough time, assuming you study at least 4 days a week for a few hours..

      If you have any auditing background, definitely. But even if you don’t, you should be able to pick up the audit basics in that timeframe IF YOU PUSH YOURSELF.

      Have you taken any certification exams before? If so, that’s a plus. If you have a family, I wouldn’t recommend it. Start studying and go for the exam next year.

      If you go for this year, here’s my advice: study a section and take a study exam based only on that section. Then move to another section. You have about 8 weeks, so you’ll have to move fast (the holidays are coming). After once through all sections, you’ll know where you need to study more. If you can get through everything twice, you should be ok; three times would be better.

      So divide up the sections and make a plan with actual dates to see how many times you can get through them between now and December. That will tell you whether you have enough time. Build in a couple extra days because things WILL come up.

      Make sure you focus on the audit stuff, not the IT stuff. The exam is light on the IT side.

      Let me know what you decide to do, whether you get all your studying in, and whether you take the exam, as well as the results.

      You CAN do it. How bad do you want it AND what are you willing to put on hold to do it? Be realistic!

      Wish you the best. Mack


      • Murphy

        Hi Mack,

        Thanks for the detailed advice.

        I thought it over and I decided to sacrifice my time of the rest of the year to study. I registered last night for Dec exam.

        I checked the official manual and found out it’s very difficult to read and most of the time I have no clue what that is. Maybe this is because I have zero knowledge for auditing. so I tried the CISA study guide by David L. Cannon and well I wouldn’t that’s easy to read but at least I know what the book talking about. I will start from this book.

        By the way, should I go through every chapters then go over again or stay in one chapter until I totally understands it.

        I only had few exam certificate on my hand. I’ve done MCITP before and now it turns to MCSA. I don’t have time to take 3 more exams to upgrade to MCSE. I also got VCP5-DCV also. As you said the exam will focus on audit side so I guess those won’t gain me much benefit.

        How did you get 8 weeks? I calculated that I will have 16 weeks. 1 weeks from August and 15 weeks from OCT to 13th of Dec.


        • Murphy,
          I like a decisive guy!. Now that you’ve registered, you’re on the hook :)
          Yes, I erred on the weeks.

          As I noted in my CISA post, the official manual is poor, but it has info the others don’t. The best book (most understandable and funny) is Shon Harris’. I used those 2.

          But you’ve taken other cert exams, so you know how tricky they can be. That helps.

          Don’t reread and reread. Keep retaking the questions and focusing mainly on areas you miss. Talk to auditors about stuff you don’t understand. They’ll help. Keep in mind that like most certs, what’s in the book isn’t always what you do in the real world.

          Best of luck. I’m confident you’ll do fine. Keep me updated if you have a chance.

          Did you see my free CISA study guide?


  37. Again, if you can’t download the guide, PLEASE SEE MY ‘Update’ note above in RED…..

  38. Antony K

    It is great help! Lot of useful information to get started! Thanks again


  39. Krishna Chaitanya

    CISA Study guide is perfect & precise !!! I will come back once I pass my CISA Examination !!!


  40. Juvenal

    Thank you very very much :)


  41. Apps

    I have just downloaded your study guide, in hope of passing the exam in Sept 15….Will let you know for sure.


  42. Apps,
    Good luck, but don’t depend just on my study guide!
    Glad to hear some folks can download it; I still get many requests from people who can’t download it. For those people, again I remind them I no longer email the guide out.
    Wish you the best, and will wait to hear from you.


  43. Bismark D

    I,m finding it difficult to download the pdf. Any help pls


    • Sorry. Use one of the latest versions of Internet Explorer, Firefox, or Chrome. Lots of people download it successfully, so I’m not sure why some people have trouble. If all else fails, ask someone else to download it for you on their computer.


  44. Great work! It was so thoughtful of you to come up with a guide such as this. This will go a long way in helping me prepare. Thank you so much!


  45. Srikanth

    Hi Sir, I’m from Mainframes Security back ground as working Mainframes Security Admin and Auditor and could you suggest me whether I can pursue CISA certification? Thanks.

    Best Regards,


    • Srikanth,
      Yes, you certainly could. Lots of companies still have mainframes, but you’ll need to broaden your knowledge into other areas of IT.

      The CISA focuses on auditing, not IT (it does have questions on IT).. You’ll probably learn enough about the other areas of IT as you study for the exam. Just don’t think you’ll pass the CISA without understanding basic auditing principles and practices. So if your mainframe auditing experience isn’t based on IIA/ISACA auditing practices, make sure you study more in that area.

      If you have 3 years experience working as a security admin and auditor, you shouldn’t have any trouble with the experience requirement.

      Elsewhere on the blog I have recommended using Shon Harris’ CISA book AND ISACA’s book. Use both.

      Hope this way clear, If not, lets keep talking. Regards, Mack


  46. Than

    Good docs. Thank you


  47. Samarth

    Hello Sir,
    Thank you for the study guide and the information you provided.
    I am going to appear in September 2016 exams and i have got a CISA review manual for 2015 can i use it for the Sep exam or there are changes to the manual and I’ll have to buy new manual?
    Is it proper to study from 2015 manual for exams in 2016?
    Thank you in anticipation.


  48. Samarth,
    Glad you found the guide helpful.

    Whether you should buy a new manual, in my opinion, depends….

    If you are a seasoned auditor and understand auditing and IT fundamentals, you should be okay using the earlier version. The standards and practices do not change that much, but they are restructuring the knowledge domains and the exam in 2016 (see

    My opinion: Not enough has changed to kill your chance of passing; if you fail because you were unaware of a few changes, then its more likely you also did poorly on the material that did NOT change. In other words, you’re more likely to fail due to lack of general knowledge than failing due to the changes from restructuring.

    If you are NOT a seasoned auditor, I would buy the new manual. You might be able to pass using 2015 book (or another earlier version), but is the chance that you’ll fail and have to retake it worth it? I don’t think so.

    I wouldn’t want to spend all that time reading, studying, and going through practice questions WHILE worrying that I may not pass because I have an outdated manual.

    But that’s just my opinion…ANYONE ELSE WANT TO COMMENT?


  49. Mark

    Thanks for the feedback.


  50. Hello, thank you for the very good material on this site. I am looking for the answers to Sample Date files for ACL91, please can you provide, thank you, Ganesh


  51. Kostas

    I’m planning to take the CISA exam in June 2016 with the new ISACA format structure. I’ve been working in assurance/audit positions for many years and I have a technical IT background. I’d like to ask you -and taking in consideration your experience- would the CISA review manual as well as your remarks in the free-study-guide be enough for passing the exams or an extra/further reading is essential?
    What would be your recommendations and your primary focus on passing the exams?

    With Kind Regards


    • Kostas,
      With your background, the review manual should be sufficient. I’d read my study guide, then the review manual, doing the study questions as you go.
      See my article on passing certification exams. Focus on audit requirements and techniques more than the IT stuff. Regards.


  52. V

    CISA Review Manual, 26th Edition, is this available? I would like read this book to ensure that CISA is what I want to do pursue.


  53. Rajesh Vasudeva

    Thank you very much for the wonderful free book for guidance for CISA. As
    Your guide shows the path of preparation and ease of study.


  54. Hika

    page not found :”(


  55. How do I email to you concerns I have? please do let me know. Thanks


  56. Shikara

    Hi Mack
    I’m from South Africa and planning to write CISA in June. Thank you very much for the free study material, it was quick and easy to download. The concepts are still very much the same and your summary guideline provides a quick recap. Much appreciated :)


  57. Prasannakumar

    Hi Mack,

    I am new to CISA and just now started with reading materials and i have downloaded your free guide and hope that will help me.



    • Prasannakumar,
      Thanks. Let me know if you have any questions. See my certification posts and make sure you don’t just depend on my guide. It’s getting old, and while the basic principles of audit don’t change much, new stuff is added, and the IT details change.



    Dear Sir..
    I need to need a case study for any company that uses ACL in internal auditing
    (I want practical steps from the beginning of the audit to issuing the report) .. Can you help me?


  59. Bailey

    Hi Mack,
    I’m from Indonesia and I am new to CISA and just now started with reading materials and i have downloaded your free guide and hope that will help me.
    Thank you very much for the free study material, it was quick and easy to download.



  60. Bailey,
    Glad to hear some people can still download the guide. On occasion, I still get people who can’t download it.

    I hope you find it useful. Let me know if you have any Qs.
    Wish you the best!


  61. Pingback: Most Popular Blog Posts of 2021 | ITauditSecurity

Leave a Comment

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.